Cyber Threat Intelligence Analyst
- Civil Service
- Part Time
- London
- 53,267 - 67,369
Job Description
Job summary
Job description
The UK faces growing threats to its cyber security. Staying ahead of rapidly evolving technological challenges and increasing demand from our partners is critical. That's why our cyber team works at pace to analyse data and detect malicious activity that could harm national security. As a Cyber Threat Intelligence Analyst, you'll support MI5's cyber threat work and partner strategy. Drawing on your significant experience, you'll identify, investigate, and analyse cyber threats, carrying out meaningful work that keeps the UK safe.
Work spans a range of technical areas, offering real scope. Day-to-day activities may include carrying out network analysis, applying an understanding of internet protocols to review network indicators, events, and topologies. Alternatively, disk and memory forensics knowledge may be applied to operating system artefacts, files and malware. Responsibilities may involve producing accurate reports or developing analytical or workflow capabilities, creating a diverse mix of investigative cyber work.
This role goes beyond supporting MI5's operations, involving close collaboration with partners across government, finance, and the wider public sector to help meet growing demand. Activities range from performing intricate cyber analysis tasks and briefing internal and external stakeholders to using a variety of cyber tools. The role offers a good level of autonomy, while also encouraging you to support others by listening, guiding, and advising.
Person specification
You don't need a specific degree to apply, but you'll need significant experience working in cyber security, networking protocols, and data analysis, as well as either network- or host-based forensics. You'll come from an applied cyber background, where you've gained experience in threat analysis, SOC analysis, threat intelligence, or similar. This may include experience in other government departments, law enforcement, or financial, regulatory, or legal institutions.
Our cyber team uses a wide range of tools and technologies, so expertise in any one is not essential. You might have had exposure to forensic tools such as X-Ways, FTK, and EnCase, or network and security analysis programmes including Elasticsearch, Splunk, and Wireshark. This will be supported by an awareness of coding and programming, allowing you to read and understand inputs.
Working as part of a busy yet collaborative team, you'll be confident engaging with colleagues as well as external partners. With a well-developed analytical mindset, an organised approach, and a natural technical curiosity, you'll think creatively to solve problems and seek to understand how and why incidents occur. There is an opportunity to turn findings into clear, well-structured reports, so good written communication skills and the ability to confidently explain complex technical subjects to non-technical audiences are essential. You'll be keen to continue developing your technical capability, making the most of learning opportunities to stay ahead in a rapidly evolving cyber landscape.